/// <summary>
/// Replaces every formatter registered on <paramref name="config"/> with an
/// <c>XssFilteringMediaTypeFormatter</c> that wraps it and carries <paramref name="strategy"/>.
/// </summary>
/// <param name="config">Configuration whose <c>Formatters</c> collection is rewritten in place.</param>
/// <param name="strategy">Strategy handed to each wrapper.</param>
public static void Configure(HttpConfiguration config, XssStrategy strategy)
{
    // The query is lazy, so it must be materialised before the collection it
    // reads from is emptied; otherwise nothing would be left to wrap.
    var filteringFormatters = (from original in config.Formatters
                               select new XssFilteringMediaTypeFormatter(original, strategy)).ToArray();

    // NOTE(review): every formatter present is wrapped unconditionally, so a second
    // call would wrap the wrappers again; confirm this runs once at startup.
    config.Formatters.Clear();
    config.Formatters.AddRange(filteringFormatters);
}
/// <summary>
/// Routes <paramref name="dirty"/> to the sanitizer helper selected by <paramref name="strategy"/>.
/// </summary>
/// <param name="dirty">Input text, handed unchanged to the selected helper.</param>
/// <param name="attribute">Passed through to the selected helper.</param>
/// <param name="strategy">Which sanitizer to use.</param>
/// <returns>Whatever the selected helper returns.</returns>
/// <exception cref="NotImplementedException">
/// <paramref name="strategy"/> is <c>XssStrategy.AspNet</c> or any value other than
/// <c>HtmlSanitizer</c> / <c>AntiXss</c>.
/// </exception>
private string Sanitize(string dirty, AllowHtmlAttribute attribute, XssStrategy strategy)
{
    if (strategy == XssStrategy.HtmlSanitizer)
    {
        return SanitizeHtmlSanitizer(dirty, attribute);
    }

    if (strategy == XssStrategy.AntiXss)
    {
        return SanitizeAntiXss(dirty, attribute);
    }

    // XssStrategy.AspNet and unrecognised values are unsupported. Throwing means
    // no path through this method hands the input back without going through a helper.
    throw new NotImplementedException();
}
/// <summary>
/// Creates the provider and records <paramref name="strategy"/> in <c>_strategy</c>.
/// </summary>
/// <param name="strategy">
/// Strategy to store; it is not validated here. (Presumably used later when
/// sanitizing values; confirm against the rest of the class.)
/// </param>
public XssModelValidationProvider(XssStrategy strategy)
{
    this._strategy = strategy;
}
/// <summary>
/// Creates a formatter around <paramref name="innerFormatter"/>, passing it to the
/// base constructor and keeping both it and <paramref name="strategy"/> in fields.
/// </summary>
/// <param name="innerFormatter">Formatter being wrapped; not null-checked here.</param>
/// <param name="strategy">Strategy to store; not validated here.</param>
public XssFilteringMediaTypeFormatter(MediaTypeFormatter innerFormatter, XssStrategy strategy)
    : base(innerFormatter)
{
    this._strategy = strategy;
    this._innerFormatter = innerFormatter;
}
/// <summary>
/// Picks the sanitizer helper that matches <paramref name="strategy"/> and returns its result
/// for <paramref name="dirty"/>.
/// </summary>
/// <param name="dirty">Input text, forwarded as-is to the chosen helper.</param>
/// <param name="attribute">Forwarded to the chosen helper.</param>
/// <param name="strategy">Selects the helper.</param>
/// <returns>The chosen helper's return value.</returns>
/// <exception cref="NotImplementedException">
/// <paramref name="strategy"/> is <c>XssStrategy.AspNet</c> or a value with no matching helper.
/// </exception>
private string Sanitize(string dirty, AllowHtmlAttribute attribute, XssStrategy strategy)
{
    // Only two strategies have a helper; everything else (including AspNet)
    // is rejected below rather than letting the input through untouched.
    bool useHtmlSanitizer = strategy == XssStrategy.HtmlSanitizer;
    bool useAntiXss = strategy == XssStrategy.AntiXss;

    if (!useHtmlSanitizer && !useAntiXss)
    {
        throw new NotImplementedException();
    }

    return useHtmlSanitizer
        ? SanitizeHtmlSanitizer(dirty, attribute)
        : SanitizeAntiXss(dirty, attribute);
}